Page tree
Skip to end of metadata
Go to start of metadata

Overview

The EasyApache FileProtect option improves the security of each user's public_html directory. In EasyApache 4, the system enables this option by default.

Usage

Use this option to protect each cPanel account user's public_html directory and each addon domain's document root directory so that only Apache and the user may view its contents.

When you enable this option, EasyApache performs the following actions:

  • Creates the /var/cpanel/fileprotect file.
  • Executes the /usr/local/cpanel/scripts/enablefileprotect script, which sets more secure permissions for each user's /public_html directory.
  • Sets the user's /home/username/ directory to 0711 permissions.

    Note:

    When you disable this option, EasyApache sets this directory to 0755 permissions.

  • Sets all document root directories' GroupID to the nobody user and 0750 permissions.

    Note:

    When you disable this option, EasyApache sets the GroupID to the username user, where username represents the user's username.

Requirements

This option does not possess any requirements.

Compatibility

  • This option functions when you enable the ModRuid2 Apache module.
  • This option does not possess any known compatibility issues.

Enable or Disable FileProtect

In the interface

You can enable or disable the FileProtect option with the Enable File Protect option in the Security section of WHM's Tweak Settings interface (WHM >> Home >> Server Configuration >> Tweak Settings).

This option defaults to enabled.

On the command line

To enable the FileProtect option, run the following script:

/usr/local/cpanel/scripts/enablefileprotect

To disable the FileProtect option, run the following script:

/usr/local/cpanel/scripts/disablefileprotect


For more information about these scripts, run these scripts with the --help flag.

Additional documentation